Job Description

We connect small business owners to investors – to create jobs, help families and power economies – because we believe that people are made to do more. And we want to help them get the finance they need to thrive, creating thousands of jobs as they drive the economy forward. Be part of the team that changes everything. Let’s build the place where small businesses can get the funding they need to win and leave a legacy behind, forever.

What will you be doing?

• Provide management and leadership of the Technology Risk and Governance function including accountability to lead and mentor a team of Risk and Business Resilience Managers.
• Support the Director of Information Security in providing expertise in Technology Risk Management including the identification, assessment, escalation and reporting of Technology risks.
• Accountable for monthly governance reporting to Technology, Operational and Board governance forums.
• Work closely with Technology 1st line teams to identify gaps, support the creation of mitigation plans and improve the technology control environment.
• Assist in driving risk remediation plans and activity to improve risk posture to within acceptable tolerance levels.
• Develop strong and effective working relationships across all 3 lines of defense, supporting them with technology risk due diligence processes and embedding the Enterprise Risk Management Framework (ERMF).
• Drive the remediation of audit and testing assurance findings to agreed timelines with evidence to support effective design and operational effectiveness.
• Assist in defining, managing and measuring effectiveness through OKRs and KRIs
• Identify critical technology resilience risks across the business including third parties, and propose appropriate strategies to protect and recover from current and emerging risks.
• Undertake risk based reviews of key technology processes and controls, ensuring findings are appropriately risk assessed and teams identify, document and track prioritized remediation activities aligned to roadmaps.
• Manage, develop and maintain the policy framework for Business Continuity and Disaster Recovery as part of wider Business Resilience activities and support the management of BIAs, Business Continuity Plans, recovery and time objectives.

Benefits

• Hybrid working environment (2 days a week in office), flexible working options with an amazing office and we will help support your home working set up.
• Private Medical Insurance and Dental Insurance.
• Learning and Wellbeing allowances AND other perks such as Gympass, Spill, Just Eat allowance, Electric Car Scheme and more!
• Access to Money Coach, Free Mortgage advisor partnership, Discounts at other retailers through perks at work.

Required Knowledge, Skills, and Abilities

• Responsible for managing and delivering technology, resilience initiatives as well as developing and managing a Technology risk and governance function
• Experienced in Technology infrastructure, controls and processes risk including control frameworks e.g. NIST, ISO27001, ISO27005, CIS, PCI DSS, SOC
• Experienced in making pragmatic, risk based decisions to drive value based outcomes within a Technology and/or Financial services with the ability to hit the ground running
• Effective in stakeholder management skills to work collaboratively with senior technical and non-technical stakeholders with excellent verbal and written communication skills
• Experienced with Policy and Standard management, awareness, audits and due diligence with Risk certifications e.g. CRISC/CISM/CISA
• Experienced of technology assurance activities to effectively review, monitor, measure and report control effectiveness
• Knowledgeable of legal and regulatory standard such as GDPR and CCPA, working with a GRC tool and AWS